public function runtest()
{
if (empty($this->userdata['email'])) {
print $GLOBALS['I18N']->get('Test email not set ');
return 0;
}
## insert an HTML page as a message
Sql_Query(sprintf('insert into %s
(subject,fromfield,message,footer,entered,status,sendformat)
values("phplist test sendpage","test","[URL:http://www.phplist.com]","Unsubscribe link: [UNSUBSCRIBE]",now(),"test","text and HTML")', $GLOBALS['tables']['message']));
require_once dirname(__FILE__) . '/../sendemaillib2.php';
$testmsg = Sql_Insert_id();
print $GLOBALS['I18N']->get('Sending HTML version to ') . $this->userdata['email'];
$suc6 = 0;
$suc6 = sendEmail($testmsg, $this->userdata['email'], $this->userdata['uniqid'], 1);
if ($suc6) {
print ' ... ' . $GLOBALS['I18N']->get('OK');
} else {
print ' ... ' . $GLOBALS['I18N']->get('Failed');
}
print '<br/>';
print $GLOBALS['I18N']->get('Sending Text version to ') . $this->userdata['email'];
$suc6 = $suc6 && sendEmail($testmsg, $this->userdata['email'], $this->userdata['uniqid'], 0);
if ($suc6) {
print ' ... ' . $GLOBALS['I18N']->get('OK');
} else {
print ' ... ' . $GLOBALS['I18N']->get('Failed');
}
print '<br/>';
if (CLICKTRACK) {
print $GLOBALS['I18N']->get('Note: Links in emails will not work, because this is a test message, which is deleted after sending') . '<br/>';
}
print $GLOBALS['I18N']->get('Check your INBOX to see if all worked ok') . '<br/>';
#deleteMessage($testmsg);
print "Message ID: {$testmsg}<br/>";
return $suc6;
}
if ($dbversion > "1.4.1")
break;
ignore_user_abort();
set_time_limit(500);
reset($DBstruct);
while (list($table,$value) = each ($DBstruct)) {
set_time_limit(500);
if ($table_prefix)
Sql_Query("alter table $table rename $tables[$table]",1);
print "<br>Upgrading $table<br />";
if ($table == "user" && Sql_Table_Column_Exists($tables["user"],"name")) {
$c = 1;
foreach (array("name","address1","address2","postcode","town") as $item) {
Sql_Verbose_Query(sprintf('insert into %s (name,type,listorder,required) values("%s","textline",%d,0)',$tables["attribute"],$item,$c));
$c++;
$attribute_id = Sql_Insert_id();
print "<P>Now copying user data to new table<br>";
$req = Sql_Query("select id,$item from ".$tables["user"]);
while ($user = Sql_Fetch_Row($req))
Sql_Query(sprintf('insert into %s values(%d,%d,"%s")',$tables["user_attribute"],$attribute_id,$user[0],addslashes($user[1])));
Sql_Verbose_Query("alter table {$tables["user"]} drop column $item");
flush();
}
}
$success = $success && upgradeTable($tables[$table],$DBstruct[$table]);
flush();
}
Sql_Verbose_Query("update {$tables["user"]} set confirmed = 1");
$req = Sql_Query("select tablename from ".$tables["attribute"]);
while ($row = Sql_Fetch_Row($req)) {
set_time_limit(500);
if (is_array($selected)) {
while(list($key,$val) = each($selected)) {
$entry = readentry("data/$val");
list($name,$desc) = explode(":",$entry);
print "<br/><br/>Loading $desc<br>\n";
$lc_name = str_replace(" ","", strtolower(str_replace(".txt","",$val)));
$lc_name = ereg_replace("[^[:alnum:]]","",$lc_name);
if ($lc_name == "") Fatal_Error("Name cannot be empty: $lc_name");
Sql_Query("select * from {$tables['attribute']} where tablename = \"$lc_name\"");
if (Sql_Affected_Rows()) Fatal_Error("Name is not unique enough");
$query = sprintf('insert into %s (name,type,required,tablename) values("%s","%s",%d,"%s")',
$tables["attribute"],addslashes($name),"select",1,$lc_name);
Sql_Query($query);
$insertid = Sql_Insert_id();
$query = "create table $table_prefix"."listattr_$lc_name (id integer not null primary key auto_increment, name varchar(255) unique,listorder integer default 0)";
Sql_Query($query);
$fp = fopen("data/$val","r");
$header = "";
while (!feof ($fp)) {
$buffer = fgets($fp, 4096);
if (!ereg("#",$buffer)) {
if (!$header)
$header = $buffer;
else if (trim($buffer) != "")
Sql_Query(sprintf('insert into %slistattr_%s (name) values("%s")',$table_prefix,$lc_name,trim($buffer)));
}
}
fclose ($fp);
}
Sql_Query(sprintf('update %s set value = %d where attributeid = %d', $tables['user_attribute'], $val_index, $attid));
}
Sql_Query(sprintf('update %s set attributeid = %d where attributeid = %d', $tables['user_attribute'], $first, $attid), 1);
Sql_Query(sprintf('drop table %s', $table_prefix . 'listattr_' . $attdata['tablename']), 1);
Sql_Query(sprintf('delete from %s where id = %d', $tables['attribute'], $attid));
# mark forms to use the merged attribute
if ($formtable_exists) {
Sql_Query(sprintf('update formfield set attribute = %d where attribute = %d', $first, $attid), 1);
}
break;
case 'checkbox':
$exists = Sql_Fetch_row_Query(sprintf('select id from %s where name = "%s"', $valuestable, $attdata['name']));
if (!$exists[0]) {
Sql_Query(sprintf('insert into %s (name) values("%s")', $valuestable, $attdata['name']));
$val_index = Sql_Insert_id();
} else {
$val_index = $exists[0];
}
Sql_Query(sprintf('update %s set value = concat(value,",","%s") where attributeid = %d and (value != 0 or value != "off") ', $tables['user_attribute'], $val_index, $first));
Sql_Query(sprintf('delete from %s where id = %d', $tables['attribute'], $attid));
# mark forms to use the merged attribute
if ($formtable_exists) {
Sql_Query(sprintf('update formfield set attribute = %d where attribute = %d', $first, $attid), 1);
}
break;
case 'checkboxgroup':
# hmm, this is a tricky one.
print Error($GLOBALS['I18N']->get('Sorry, merging of checkbox groups is not implemented yet'));
break;
}
if (!$valueid[0]) {
Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $att["displayvalue"]));
$att["value"] = Sql_Insert_id();
} else {
$att["value"] = $valueid[0];
}
break;
case "checkboxgroup":
$vals = explode(",", $att["displayvalue"]);
array_pop($vals);
$att["value"] = "";
foreach ($vals as $val) {
$valueid = Sql_Fetch_Row_Query(sprintf('select id from %slistattr_%s where name = "%s"', $table_prefix, $tname[0], $val));
if (!$valueid[0]) {
Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $val));
$att["value"] .= Sql_Insert_id() . ',';
} else {
$att["value"] .= $valueid[0] . ",";
}
}
$att["value"] = substr($att["value"], 0, -1);
break;
}
if ($att["value"]) {
Sql_Query(sprintf('replace into %s set
attributeid = %d, userid = %d, value = "%s"', $tables["user_attribute"], $localattid, $userid, addslashes($att["value"])));
}
}
}
}
if (is_array($userlists)) {
function repeatMessage($msgid)
{
if (!USE_REPETITION) {
return;
}
$msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeat minute) as newembargo,
date_add(now(),interval repeat minute) as newembargo2, date_add(embargo,interval repeat minute) > now() as isfuture
from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid));
if (!$msgdata["id"] || !$msgdata["repeat"]) {
return;
}
# copy the new message
Sql_Query(sprintf('
insert into %s (entered) values(now())', $GLOBALS["tables"]["message"]));
$id = Sql_Insert_id();
require $GLOBALS["coderoot"] . "structure.php";
if (!is_array($DBstruct["message"])) {
logEvent("Error including structure when trying to duplicate message {$msgid}");
return;
}
foreach ($DBstruct["message"] as $column => $rec) {
if ($column != "id" && $column != "entered") {
Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $id));
}
}
# correct some values
if (!$msgdata["isfuture"]) {
$msgdata["newembargo"] = $msgdata["newembargo2"];
}
Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $id));
foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) {
Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $id));
}
# lists
$req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid));
while ($row = Sql_Fetch_Row($req)) {
Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS["tables"]["listmessage"], $id, $row[0]));
}
# attachments
$req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"]));
while ($row = Sql_Fetch_Array($req)) {
if (is_file($row["remotefile"])) {
# if the "remote file" is actually local, we want to refresh the attachment, so we set
# filename to nothing
$row["filename"] = "";
}
Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size)
values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"]));
$attid = Sql_Insert_id();
Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $id, $attid));
}
logEvent("Message {$msgid} was successfully rescheduled");
}
function saveUserAttribute($userid,$attid,$data) {
if ($data["nodbsave"]) {
dbg("Not saving $attid");
return;
}
if ($attid == "emailcheck" || $attid == "passwordcheck") {
dbg("Not saving $attid");
return;
}
if (!$data["type"])
$data["type"] = "textline";
if ($data["type"] == "static" || $data["type"] == "password") {
Sql_Query(sprintf('update user set %s = "%s" where id = %d',
$attid,$data["value"],$userid));
return 1;
}
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from attribute where id = %d',$attid));
if (!$attid_req[0]) {
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from attribute where name = "%s"',$data["name"]));
if (!$attid_req[0]) {
if ($GLOBALS["config"]["autocreate_attributes"]) {
Dbg("Creating new Attribute: ".$data["name"]);
sendError("creating new attribute ".$data["name"]);
$atttable= getNewAttributeTablename($data["name"]);
Sql_Query(sprintf('insert into attribute (name,type,tablename) values("%s","%s","%s")',$data["name"],$data["type"],$atttable));
$attid = Sql_Insert_Id();
} else {
dbg("Not creating new Attribute: ".$data["name"]);
# sendError("Not creating new attribute ".$data["name"]);
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
if (!$atttable) {
$atttable = getNewAttributeTablename($data["name"]);
# fix attribute without tablename
Sql_Query(sprintf('update attribute set tablename ="%s" where id = %d',
$atttable,$attid));
# sendError("Attribute without Tablename $attid");
}
switch ($data["type"]) {
case "static":
case "password":
Sql_Query(sprintf('update user set %s = "%s" where id = %d',
$attid,$data["value"],$userid));
break;
case "select":
$curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s
where name = "%s"',$atttable,$data["displayvalue"]),1);
if (!$curval[0]) {
Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")',$atttable,
$data["displayvalue"]));
sendError("Added ".$data["displayvalue"]." to $atttable");
$valid = Sql_Insert_id();
} else {
$valid = $curval[0];
}
Sql_Query(sprintf('replace into user_attribute (userid,attributeid,value)
values(%d,%d,"%s")',$userid,$attid,$valid));
break;
default:
Sql_Query(sprintf('replace into user_attribute (userid,attributeid,value)
values(%d,%d,"%s")',$userid,$attid,$data["value"]));
break;
}
return 1;
}
$firstname_att_id = Sql_Insert_id();
} else {
$firstname_att_id = $_POST['attributeone'];
}
if ($_POST['attributetwo'] == 'create') {
$req = Sql_Query(sprintf('insert into %s (name,type)
values("Last Name","textline")', $tables['attribute']));
$lastname_att_id = Sql_Insert_id();
} else {
$lastname_att_id = $_POST['attributetwo'];
}
} else {
if ($_POST['attributeone'] == 'create') {
$req = Sql_Query(sprintf('insert into %s (name,type)
values("Name","textline")', $tables['attribute']));
$name_att_id = Sql_Insert_id();
} else {
$name_att_id = $_POST['attributeone'];
}
}
$x = 0;
$count_email_add = 0;
$count_exist = 0;
$count_list_add = 0;
foreach ($all_emails as $key => $versions) {
set_time_limit(60);
$importuser = getBestVersion($versions);
# print $importuser["personal"]." <".$importuser["email"]."><br/>";
printf('<input type="hidden" name="importemail[%s] value="%s">', $importuser['email'], $importuser['personal']);
# split personal in first and last name
list($importuser['firstname'], $importuser['lastname']) = explode(' ', $importuser['personal'], 2);
function repeatMessage($msgid)
{
# if (!USE_REPETITION && !USE_RSS) return;
# get the future embargo, either "repeat" minutes after the old embargo
# or "repeat" after this very moment to make sure that we're not sending the
# message every time running the queue when there's no embargo set.
$msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval repeatinterval minute) as newembargo,
date_add(now(),interval repeatinterval minute) as newembargo2, date_add(embargo,interval repeatinterval minute) > now() as isfuture
from %s where id = %d and repeatuntil > now()', $GLOBALS["tables"]["message"], $msgid));
if (!$msgdata["id"] || !$msgdata["repeatinterval"]) {
return;
}
# copy the new message
Sql_Query(sprintf('
insert into %s (entered) values(now())', $GLOBALS["tables"]["message"]));
$id = Sql_Insert_id();
require dirname(__FILE__) . '/structure.php';
if (!is_array($DBstruct["message"])) {
logEvent("Error including structure when trying to duplicate message {$msgid}");
return;
}
foreach ($DBstruct["message"] as $column => $rec) {
if ($column != "id" && $column != "entered" && $column != "sendstart") {
Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS["tables"]["message"], $column, addslashes($msgdata[$column]), $id));
}
}
$req = Sql_Query(sprintf('select * from %s where id = %d', $GLOBALS['tables']['messagedata'], $msgid));
while ($row = Sql_Fetch_Array($req)) {
Sql_Query(sprintf('insert into %s (name,id,data) values("%s",%d,"%s")', $GLOBALS['tables']['messagedata'], $row['name'], $id, addslashes($row['data'])));
}
# check whether the new embargo is not on an exclusion
if (is_array($GLOBALS["repeat_exclude"])) {
$repeatinterval = $msgdata["repeatinterval"];
$loopcnt = 0;
while (excludedDateForRepetition($msgdata["newembargo"])) {
$repeatinterval += $msgdata["repeatinterval"];
$loopcnt++;
$msgdata = Sql_Fetch_Array_Query(sprintf('select *,date_add(embargo,interval %d minute) as newembargo,
date_add(now(),interval %d minute) as newembargo2, date_add(embargo,interval %d minute) > now() as isfuture
from %s where id = %d and repeatuntil > now()', $repeatinterval, $repeatinterval, $repeatinterval, $GLOBALS["tables"]["message"], $msgid));
if ($loopcnt > 15) {
logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
return;
}
}
}
# correct some values
if (!$msgdata["isfuture"]) {
$msgdata["newembargo"] = $msgdata["newembargo2"];
}
Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS["tables"]["message"], $msgdata["newembargo"], $id));
// bug 0009687: maybe add "ashtml","astextandhtml" and put them in ashtml?
foreach (array("processed", "astext", "ashtml", "astextandhtml", "aspdf", "astextandpdf", "viewed", "bouncecount") as $item) {
Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS["tables"]["message"], $item, $id));
}
# lists
$req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS["tables"]["listmessage"], $msgid));
while ($row = Sql_Fetch_Row($req)) {
Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS["tables"]["listmessage"], $id, $row[0]));
}
# attachments
$req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"], $GLOBALS["tables"]["message_attachment"], $msgid, $GLOBALS["tables"]["message_attachment"], $GLOBALS["tables"]["attachment"]));
while ($row = Sql_Fetch_Array($req)) {
if (is_file($row["remotefile"])) {
# if the "remote file" is actually local, we want to refresh the attachment, so we set
# filename to nothing
$row["filename"] = "";
}
Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size)
values("%s","%s","%s","%s",%d)', $GLOBALS["tables"]["attachment"], addslashes($row["filename"]), addslashes($row["remotefile"]), addslashes($row["mimetype"]), addslashes($row["description"]), $row["size"]));
$attid = Sql_Insert_id();
Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS["tables"]["message_attachment"], $id, $attid));
}
logEvent("Message {$msgid} was successfully rescheduled as message {$id}");
}
function clickTrackLinkId($messageid, $userid, $url, $link)
{
global $cached;
if (!isset($cached['linktrack']) || !is_array($cached['linktrack'])) {
$cached['linktrack'] = array();
}
if (!isset($cached['linktracksent']) || !is_array($cached['linktracksent'])) {
$cached['linktracksent'] = array();
}
if (!isset($cached['linktrack'][$link])) {
/*
* we cannot handle URLs longer than 255 characters.
* to handle that, take out the substr below and change the DB:
*
* alter table phplist_linktrack_forward drop index urlunique;
* alter table phplist_linktrack_forward drop index urlindex;
* alter table phplist_linktrack_forward change url url text;
* alter table phplist_linktrack_forward add index urlunique (url(300));
* alter table phplist_linktrack_forward add index urlindex (url (300));
*
* with 300 being the new limit. Then also change the substr-255 to substr-300
*
* or to change back again:
*
* alter table phplist_linktrack_forward drop index urlunique;
* alter table phplist_linktrack_forward drop index urlindex;
* alter table phplist_linktrack_forward change url url varchar(255);
* alter table phplist_linktrack_forward add index urlunique (url);
* alter table phplist_linktrack_forward add index (url);
* */
$exists = Sql_Fetch_Row_Query(sprintf('select id from %s where url = "%s"', $GLOBALS['tables']['linktrack_forward'], sql_escape(substr($url, 0, 255))));
if (!$exists[0]) {
$personalise = preg_match('/uid=/', $link);
Sql_Query(sprintf('insert into %s set url = "%s", personalise = %d', $GLOBALS['tables']['linktrack_forward'], sql_escape($url), $personalise));
$fwdid = Sql_Insert_id();
} else {
$fwdid = $exists[0];
}
$cached['linktrack'][$link] = $fwdid;
} else {
$fwdid = $cached['linktrack'][$link];
}
if (!isset($cached['linktracksent'][$messageid]) || !is_array($cached['linktracksent'][$messageid])) {
$cached['linktracksent'][$messageid] = array();
}
if (!isset($cached['linktracksent'][$messageid][$fwdid])) {
$tot = Sql_Fetch_Row_Query(sprintf('select total from %s where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $messageid, $fwdid));
if (!Sql_Affected_Rows()) {
## first time for this link/message
Sql_Query(sprintf('replace into %s set total = %d,messageid = %d,forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $tot[0] + 1, $messageid, $fwdid));
} else {
Sql_Query(sprintf('update %s set total = %d where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $tot[0] + 1, $messageid, $fwdid));
}
$cached['linktracksent'][$messageid][$fwdid] = $tot[0] + 1;
} else {
++$cached['linktracksent'][$messageid][$fwdid];
## write every so often, to make sure it's saved when interrupted
if ($cached['linktracksent'][$messageid][$fwdid] % 100 == 0) {
Sql_Query(sprintf('update %s set total = %d where messageid = %d and forwardid = %d', $GLOBALS['tables']['linktrack_ml'], $cached['linktracksent'][$messageid][$fwdid], $messageid, $fwdid));
}
}
/* $req = Sql_Query(sprintf('insert ignore into %s (messageid,userid,forwardid)
values(%d,%d,"%s","%s")',$GLOBALS['tables']['linktrack'],$messageid,$userdata['id'],$url,addslashes($link)));
$req = Sql_Fetch_Row_Query(sprintf('select linkid from %s where messageid = %s and userid = %d and forwardid = %d
',$GLOBALS['tables']['linktrack'],$messageid,$userid,$fwdid));*/
return $fwdid;
}
function saveUserAttribute($userid, $attid, $data)
{
global $usertable_prefix, $tables;
# workaround for integration webbler/phplist
if (!isset($usertable_prefix)) {
$usertable_prefix = '';
}
if (!empty($tables["attribute"])) {
$att_table = $usertable_prefix . $tables["attribute"];
$user_att_table = $usertable_prefix . $tables["user_attribute"];
} else {
$att_table = $usertable_prefix . "attribute";
$user_att_table = $usertable_prefix . "user_attribute";
}
if ($data["nodbsave"]) {
dbg("Not saving {$attid}");
return;
}
if (strtolower($data) == 'invalid attribute index') {
return;
}
if ($attid == "emailcheck" || $attid == "passwordcheck") {
dbg("Not saving {$attid}");
return;
}
if (!$data["type"]) {
$data["type"] = "textline";
}
if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') {
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
if ($data["type"] == "password") {
Sql_Query(sprintf('update user set passwordchanged = now() where id = %d', $userid));
}
return 1;
}
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where id = %d', $att_table, $attid));
if (!$attid_req[0]) {
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where name = "%s"', $att_table, $data["name"]));
if (!$attid_req[0]) {
if ($GLOBALS["config"]["autocreate_attributes"]) {
Dbg("Creating new Attribute: " . $data["name"]);
sendError("creating new attribute " . $data["name"]);
$atttable = getNewAttributeTablename($data["name"]);
Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable));
$attid = Sql_Insert_Id();
} else {
dbg("Not creating new Attribute: " . $data["name"]);
# sendError("Not creating new attribute ".$data["name"]);
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
if (!$atttable) {
$atttable = getNewAttributeTablename($data["name"]);
# fix attribute without tablename
Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid));
# sendError("Attribute without Tablename $attid");
}
switch ($data["type"]) {
case "static":
case "password":
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
break;
case "select":
$curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s
where name = "%s"', $atttable, $data["displayvalue"]), 1);
if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")', $atttable, $data["displayvalue"]));
sendError("Added " . $data["displayvalue"] . " to {$atttable}");
$valid = Sql_Insert_id();
} else {
$valid = $curval[0];
}
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid));
break;
case 'avatar':
if (is_array($_FILES)) {
## only avatars are files
$formfield = 'attribute' . $attid . '_file';
## the name of the fileupload element
if (!empty($_FILES[$formfield]['name'])) {
$tmpnam = $_FILES[$formfield]['tmp_name'];
move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg');
if (function_exists('resizeImageFile')) {
resizeImageFile('/tmp/avatar' . $userid . '.jpg', 250, 1);
}
$size = filesize('/tmp/avatar' . $userid . '.jpg');
# dbg('New size: '.$size);
if ($size < MAX_AVATAR_SIZE) {
$avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg');
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar)));
unlink('/tmp/avatar' . $userid . '.jpg');
}
}
}
break;
default:
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"]));
break;
}
return 1;
}
$total = Sql_Affected_Rows();
if ($total) {
output(s('converting data') . '<br/>');
}
while ($row = Sql_Fetch_Array($req)) {
if (checkLock($process_id)) {
keepLock($process_id);
} else {
output(s('processing cancelled'));
break;
}
$exists = Sql_Fetch_Row_Query(sprintf('select id from %s where url = "%s"', $GLOBALS['tables']['linktrack_forward'], $row['url']));
if (!$exists[0]) {
$personalise = preg_match('/uid=/', $row['forward']);
Sql_Query(sprintf('insert into %s (url,personalise) values("%s",%d)', $GLOBALS['tables']['linktrack_forward'], $row['url'], $personalise));
$fwdid = Sql_Insert_id();
} else {
$fwdid = $exists[0];
}
set_time_limit(600);
$messageid = $row['messageid'];
$userid = $row['userid'];
Sql_query(sprintf('insert into %s
set total = 1, forwardid = %d, messageid = %d
ON DUPLICATE KEY UPDATE total = total + 1', $GLOBALS['tables']['linktrack_ml'], $fwdid, $messageid));
if (!empty($row['firstclick'])) {
$result = Sql_Query(sprintf('select data, count(*) as count
from %s
where name = "Message Type" and linkid = %d
group by data', $GLOBALS['tables']['linktrack_userclick'], $row['linkid']));
while ($ucRow = Sql_Fetch_Array($result)) {
function processBounce ($link,$num,$header) {
global $tables;
$headerinfo = imap_headerinfo($link,$num);
$body= imap_body ($link,$num);
$msgid = 0;$user = 0;
preg_match ("/X-MessageId: (.*)/i",$body,$match);
if (is_array($match) && isset($match[1]))
$msgid= trim($match[1]);
if (!$msgid) {
# older versions use X-Message
preg_match ("/X-Message: (.*)/i",$body,$match);
if (is_array($match) && isset($match[1]))
$msgid= trim($match[1]);
}
preg_match ("/X-ListMember: (.*)/i",$body,$match);
if (is_array($match) && isset($match[1]))
$user = trim($match[1]);
if (!$user) {
# older version use X-User
preg_match ("/X-User: (.*)/i",$body,$match);
if (is_array($match) && isset($match[1]))
$user = trim($match[1]);
}
# some versions used the email to identify the users, some the userid and others the uniqid
# use backward compatible way to find user
if (preg_match ("/.*@.*/i",$user,$match)) {
$userid_req = Sql_Fetch_Row_Query("select id from {$tables["user"]} where email = \"$user\"");
if (VERBOSE)
output("UID".$userid_req[0]." MSGID".$msgid);
$userid = $userid_req[0];
} elseif (preg_match("/^\d$/",$user)) {
$userid = $user;
if (VERBOSE)
output( "UID".$userid." MSGID".$msgid);
} elseif ($user) {
$userid_req = Sql_Fetch_Row_Query("select id from {$tables["user"]} where uniqid = \"$user\"");
if (VERBOSE)
output( "UID".$userid_req[0]." MSGID".$msgid);
$userid = $userid_req[0];
} else {
$userid = '';
}
Sql_Query(sprintf('insert into %s (date,header,data)
values("%s","%s","%s")',
$tables["bounce"],
date("Y-m-d H:i",strtotime($headerinfo->Date)),
addslashes($header),
addslashes($body)));
$bounceid = Sql_Insert_id();
if ($msgid == "systemmessage" && $userid) {
Sql_Query(sprintf('update %s
set status = "bounced system message",
comment = "%s marked unconfirmed"
where id = %d',
$tables["bounce"],
$userid,$bounceid));
logEvent("$userid system message bounced, user marked unconfirmed");
Sql_Query(sprintf('update %s
set confirmed = 0
where id = %d',
$tables["user"],
$userid));
} elseif ($msgid && $userid) {
Sql_Query(sprintf('update %s
set status = "bounced list message %d",
comment = "%s bouncecount increased"
where id = %d',
$tables["bounce"],
$msgid,
$userid,$bounceid));
Sql_Query(sprintf('update %s
set bouncecount = bouncecount + 1
where id = %d',
$tables["message"],
$msgid));
Sql_Query(sprintf('update %s
set bouncecount = bouncecount + 1
where id = %d',
$tables["user"],
$userid));
Sql_Query(sprintf('insert into %s
set user = %d, message = %d, bounce = %d',
$tables["user_message_bounce"],
$userid,$msgid,$bounceid));
} elseif ($userid) {
Sql_Query(sprintf('update %s
set status = "bounced unidentified message",
comment = "%s bouncecount increased"
where id = %d',
$tables["bounce"],
$userid,$bounceid));
Sql_Query(sprintf('update %s
set bouncecount = bouncecount + 1
where id = %d',
$tables["user"],
$userid));
} else {
Sql_Query(sprintf('update %s
set status = "unidentified bounce",
comment = "not processed"
where id = %d',
$tables["bounce"],
$bounceid));
return false;
}
return true;
}
function repeatMessage($msgid)
{
# if (!USE_REPETITION && !USE_rss) return;
$data = loadMessageData($msgid);
## do not repeat when it has already been done
if ($data['repeatinterval'] == 0 || !empty($data['repeatedid'])) {
return;
}
# calculate the future embargo, a multiple of repeatinterval minutes after the current embargo
$msgdata = Sql_Fetch_Array_Query(sprintf('SELECT *,
embargo +
INTERVAL (FLOOR(TIMESTAMPDIFF(MINUTE, embargo, GREATEST(embargo, NOW())) / repeatinterval) + 1) * repeatinterval MINUTE AS newembargo
FROM %s
WHERE id = %d AND now() < repeatuntil', $GLOBALS['tables']['message'], $msgid));
if (!$msgdata) {
logEvent("Message {$msgid} not repeated due to reaching the repeatuntil date");
return;
}
# check whether the new embargo is not on an exclusion
if (isset($GLOBALS['repeat_exclude']) && is_array($GLOBALS['repeat_exclude'])) {
$loopcnt = 0;
while (excludedDateForRepetition($msgdata['newembargo'])) {
if (++$loopcnt > 15) {
logEvent("Unable to find new embargo date too many exclusions? for message {$msgid}");
return;
}
$result = Sql_Fetch_Array_Query(sprintf("SELECT '%s' + INTERVAL repeatinterval MINUTE AS newembargo\n FROM %s\n WHERE id = %d", $msgdata['newembargo'], $GLOBALS['tables']['message'], $msgid));
$msgdata['newembargo'] = $result['newembargo'];
}
}
# copy the new message
Sql_Query(sprintf('
insert into %s (entered) values(now())', $GLOBALS['tables']['message']));
$newid = Sql_Insert_id();
require dirname(__FILE__) . '/structure.php';
if (!is_array($DBstruct['message'])) {
logEvent("Error including structure when trying to duplicate message {$msgid}");
return;
}
foreach ($DBstruct['message'] as $column => $rec) {
if ($column != 'id' && $column != 'entered' && $column != 'sendstart') {
Sql_Query(sprintf('update %s set %s = "%s" where id = %d', $GLOBALS['tables']['message'], $column, addslashes($msgdata[$column]), $newid));
}
}
$req = Sql_Query(sprintf("SELECT *\n FROM %s\n WHERE id = %d AND name NOT IN ('id')", $GLOBALS['tables']['messagedata'], $msgid));
while ($row = Sql_Fetch_Array($req)) {
setMessageData($newid, $row['name'], $row['data']);
}
Sql_Query(sprintf('update %s set embargo = "%s",status = "submitted",sent = "" where id = %d', $GLOBALS['tables']['message'], $msgdata['newembargo'], $newid));
list($e['year'], $e['month'], $e['day'], $e['hour'], $e['minute'], $e['second']) = sscanf($msgdata['newembargo'], '%04d-%02d-%02d %02d:%02d:%02d');
unset($e['second']);
setMessageData($newid, 'embargo', $e);
foreach (array('processed', 'astext', 'ashtml', 'astextandhtml', 'aspdf', 'astextandpdf', 'viewed', 'bouncecount') as $item) {
Sql_Query(sprintf('update %s set %s = 0 where id = %d', $GLOBALS['tables']['message'], $item, $newid));
}
# lists
$req = Sql_Query(sprintf('select listid from %s where messageid = %d', $GLOBALS['tables']['listmessage'], $msgid));
while ($row = Sql_Fetch_Row($req)) {
Sql_Query(sprintf('insert into %s (messageid,listid,entered) values(%d,%d,now())', $GLOBALS['tables']['listmessage'], $newid, $row[0]));
}
# attachments
$req = Sql_Query(sprintf('select * from %s,%s where %s.messageid = %d and %s.attachmentid = %s.id', $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment'], $GLOBALS['tables']['message_attachment'], $msgid, $GLOBALS['tables']['message_attachment'], $GLOBALS['tables']['attachment']));
while ($row = Sql_Fetch_Array($req)) {
if (is_file($row['remotefile'])) {
# if the "remote file" is actually local, we want to refresh the attachment, so we set
# filename to nothing
$row['filename'] = '';
}
Sql_Query(sprintf('insert into %s (filename,remotefile,mimetype,description,size)
values("%s","%s","%s","%s",%d)', $GLOBALS['tables']['attachment'], addslashes($row['filename']), addslashes($row['remotefile']), addslashes($row['mimetype']), addslashes($row['description']), $row['size']));
$attid = Sql_Insert_id();
Sql_Query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $GLOBALS['tables']['message_attachment'], $newid, $attid));
}
logEvent("Message {$msgid} was successfully rescheduled as message {$newid}");
## remember we duplicated, in order to avoid doing it again (eg when requeuing)
setMessageData($msgid, 'repeatedid', $newid);
if (getConfig('pqchoice') == 'phplistdotcom') {
activateRemoteQueue();
}
}
} else {
$html .= $attributes[$item["record"]];
}
$html .= " -> " . $user[$item["index"]] . "<br>";
}
}
if ($html) {
print '<blockquote>' . $html . '</blockquote>';
}
} else {
# do import
# create new attributes
foreach ($_SESSION["import_attribute"] as $column => $item) {
if ($item["record"] == "new") {
Sql_Query(sprintf('insert into %s (name,type) values("%s","textline")', $tables["attribute"], addslashes($column)));
$attid = Sql_Insert_id();
Sql_Query(sprintf('update %s set tablename = "attr%d" where id = %d', $tables["attribute"], $attid, $attid));
Sql_Query("create table " . $GLOBALS["table_prefix"] . "listattr_attr" . $attid . "\n (id integer not null primary key auto_increment, name varchar(255) unique,\n listorder integer default 0)");
$_SESSION["import_attribute"][$column]["record"] = $attid;
}
}
$new = 0;
$cnt++;
if ($cnt % 25 == 0) {
print "<br/>\n{$cnt}/{$total}";
flush();
}
if ($user["systemvalues"]["foreign key"]) {
$result = Sql_query(sprintf('select id,uniqid from %s where foreignkey = "%s"', $tables["user"], $user["systemvalues"]["foreign key"]));
# print "<br/>Using foreign key for matching: ".$user["systemvalues"]["foreign key"];
$count["fkeymatch"]++;
}
if (isset($_GET['id'])) {
$id = sprintf('%d', $_GET['id']);
} else {
$id = 0;
}
if (isset($_POST["save"]) || isset($_POST["activate"]) || isset($_POST["deactivate"])) {
$owner = $_POST["owner"];
if (!$owner) {
$owner = $_SESSION['logindetails']['id'];
}
if ($id) {
Sql_Query(sprintf('update %s set title = "%s",owner = %d where id = %d', $tables["subscribepage"], $title, $owner, $id));
} else {
Sql_Query(sprintf('insert into %s (title,owner) values("%s",%d)', $tables["subscribepage"], $title, $owner));
$id = Sql_Insert_id();
}
Sql_Query(sprintf('delete from %s where id = %d', $tables["subscribepage_data"], $id));
foreach (array("title", "intro", "header", "footer", "thankyoupage", "button", "htmlchoice", "emaildoubleentry") as $item) {
Sql_Query(sprintf('insert into %s (name,id,data) values("%s",%d,"%s")', $tables["subscribepage_data"], $item, $id, $_POST[$item]));
}
foreach (array("subscribesubject", "subscribemessage", "confirmationsubject", "confirmationmessage") as $item) {
SaveConfig("{$item}:{$id}", stripslashes($_POST[$item]), 0);
}
Sql_Query(sprintf('delete from %s where id = %d and name like "attribute___"', $tables["subscribepage_data"], $id));
if (is_array($attr_use)) {
$cnt = 0;
$attributes = "";
while (list($att, $val) = each($attr_use)) {
$default = $attr_default[$att];
$order = $attr_listorder[$att];
if (!$valueid[0]) {
Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $att['displayvalue']));
$att['value'] = Sql_Insert_id();
} else {
$att['value'] = $valueid[0];
}
break;
case 'checkboxgroup':
$vals = explode(',', $att['displayvalue']);
array_pop($vals);
$att['value'] = '';
foreach ($vals as $val) {
$valueid = Sql_Fetch_Row_Query(sprintf('select id from %slistattr_%s where name = "%s"', $table_prefix, $tname[0], $val));
if (!$valueid[0]) {
Sql_Query(sprintf('insert into %slistattr_%s set name = "%s"', $table_prefix, $tname[0], $val));
$att['value'] .= Sql_Insert_id() . ',';
} else {
$att['value'] .= $valueid[0] . ',';
}
}
$att['value'] = substr($att['value'], 0, -1);
break;
}
if ($att['value']) {
Sql_Query(sprintf('replace into %s set
attributeid = %d, userid = %d, value = "%s"', $tables['user_attribute'], $localattid, $userid, addslashes($att['value'])));
}
}
}
}
if (is_array($userlists)) {
function saveUserAttribute($userid, $attid, $data)
{
global $usertable_prefix, $table_prefix, $tables;
# workaround for integration webbler/phplist
if (!isset($usertable_prefix)) {
$usertable_prefix = '';
}
if (!isset($table_prefix)) {
$table_prefix = 'phplist_';
}
if (!empty($tables["attribute"])) {
$att_table = $usertable_prefix . $tables["attribute"];
$user_att_table = $usertable_prefix . $tables["user_attribute"];
} else {
$att_table = $usertable_prefix . "attribute";
$user_att_table = $usertable_prefix . "user_attribute";
}
if (!is_array($data)) {
$tmp = $data;
$data = Sql_Fetch_Assoc_Query(sprintf('select * from %s where id = %d', $att_table, $attid));
$data['value'] = $tmp;
$data['displayvalue'] = $tmp;
}
# dbg($data,'$data to store for '.$userid.' '.$attid);
if ($data["nodbsave"]) {
# dbg($attid, "Not saving, nodbsave");
return;
}
if ($attid == "emailcheck" || $attid == "passwordcheck") {
# dbg($attid, "Not saving, emailcheck/passwordcheck");
return;
}
if (!$data["type"]) {
$data["type"] = "textline";
}
if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') {
if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
$data["value"] = 'not authoritative';
}
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
dbg('Saving', $data['value'], DBG_TRACE);
if ($data["type"] == "password") {
Sql_Query(sprintf('update user set passwordchanged = now(),password="******" where id = %d', hash('sha256', $data['value']), $userid));
}
return 1;
}
$attributetype = $data['type'];
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where id = %d', $att_table, $attid));
if (!$attid_req[0]) {
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where name = "%s"', $att_table, $data["name"]));
if (!$attid_req[0]) {
if (!empty($data["name"]) && $GLOBALS["config"]["autocreate_attributes"]) {
# Dbg("Creating new Attribute: ".$data["name"]);
sendError("creating new attribute " . $data["name"]);
$atttable = getNewAttributeTablename($data["name"]);
Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable));
$attid = Sql_Insert_Id();
} else {
# dbg("Not creating new Attribute: ".$data["name"]);
# sendError("Not creating new attribute ".$data["name"]);
}
} else {
$attid = $attid_req[0];
if (empty($attributetype)) {
$attributetype = $attid_req[1];
}
$atttable = $attid_req[2];
}
} else {
$attid = $attid_req[0];
if (empty($attributetype)) {
$attributetype = $attid_req[1];
}
$atttable = $attid_req[2];
}
if (!$atttable && !empty($data['name'])) {
$atttable = getNewAttributeTablename($data["name"]);
# fix attribute without tablename
Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid));
# sendError("Attribute without Tablename $attid");
}
switch ($attributetype) {
case "static":
case "password":
# dbg('SAVING STATIC OR PASSWORD');
if (!empty($GLOBALS['config']['dontsave_userpassword']) && $data['type'] == 'password') {
$data["value"] = 'not authoritative';
}
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
break;
case "select":
$curval = Sql_Fetch_Row_Query(sprintf('select id from ' . $table_prefix . 'listattr_%s
where name = "%s"', $atttable, $data["displayvalue"]), 1);
if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
Sql_Query(sprintf('insert into ' . $table_prefix . 'listattr_%s (name) values("%s")', $atttable, $data["displayvalue"]));
sendError("Added " . $data["displayvalue"] . " to {$atttable}");
$valid = Sql_Insert_id();
} else {
$valid = $curval[0];
}
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid));
break;
case 'avatar':
if (is_array($_FILES)) {
## only avatars are files, for now
if (!defined('MAX_AVATAR_SIZE')) {
define('MAX_AVATAR_SIZE', 100000);
}
$formfield = 'attribute' . $attid . '_file';
## the name of the fileupload element
if (!empty($_FILES[$formfield]['name']) && !empty($_FILES[$formfield]['tmp_name'])) {
$tmpnam = $_FILES[$formfield]['tmp_name'];
move_uploaded_file($tmpnam, '/tmp/avatar' . $userid . '.jpg');
$size = filesize('/tmp/avatar' . $userid . '.jpg');
# dbg('New size: '.$size);
if ($size < MAX_AVATAR_SIZE) {
$avatar = file_get_contents('/tmp/avatar' . $userid . '.jpg');
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, base64_encode($avatar)));
unlink('/tmp/avatar' . $userid . '.jpg');
}
}
}
break;
default:
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"]));
break;
}
return 1;
}
$type = $_SESSION['grouptype'];
}
$type = sprintf('%d', $type);
## verify the type is set
if (!in_array($type, array_keys($GLOBALS['config']['usergroup_types']))) {
Warn('Invalid group membership type' . $type);
dbg($type, 'Type not found');
}
$columnGroups = explode(',', $value);
foreach ($columnGroups as $sGroup) {
$sGroup = trim($sGroup);
$groupIdReq = Sql_Fetch_Row_Query(sprintf('select id from groups where name = "%s"', $sGroup));
if (empty($groupIdReq[0])) {
Sql_Query(sprintf('insert into groups (name) values("%s")', $sGroup));
Warn("Group {$sGroup} added");
$groupIdReq[0] = Sql_Insert_id();
}
dbg('Adding to group ' . $sGroup . ' with type ' . $GLOBALS['config']['usergroup_types'][$type]);
## @@ this may cause problems on not-upgraded DBs
Sql_Query(sprintf('replace into user_group (userid,groupid,type) values(%d,%d,%d)', $userid, $groupIdReq[0], $type));
}
} else {
$query .= sprintf('%s = "%s",', $column, $value);
}
}
}
if ($query) {
$query = substr($query, 0, -1);
# this may cause a duplicate error on email, so add ignore
Sql_Query("update ignore {$tables["user"]} set {$query} where id = {$userid}");
}
if (is_file($tmpfile)) {
unlink($tmpfile);
}
# do a final check
if (filesize($GLOBALS['attachment_repository'] . '/' . $newfile)) {
print Info(s('Attachment %d succesfully added', $att_cnt));
} else {
print Info(s('Adding attachment %d failed', $att_cnt));
}
} else {
print Warn($GLOBALS['I18N']->get('Uploaded file not properly received, empty file'));
}
} elseif (!empty($_POST['localattachment' . $att_cnt])) {
$type = findMime(basename($_POST['localattachment' . $att_cnt]));
Sql_query(sprintf('insert into %s (remotefile,mimetype,description,size) values("%s","%s","%s",%d)', $tables['attachment'], $_POST['localattachment' . $att_cnt], $type, $description, filesize($_POST['localattachment' . $att_cnt])));
$attachmentid = Sql_Insert_id();
Sql_query(sprintf('insert into %s (messageid,attachmentid) values(%d,%d)', $tables['message_attachment'], $id, $attachmentid));
print Info(s('Adding attachment') . ' ' . $att_cnt . " mime: {$type}");
}
}
}
## when followupto is set, go there
if (!empty($_POST['followupto']) && isValidRedirect($_POST['followupto'])) {
Header('Location: ' . $_POST['followupto']);
exit;
}
if (!empty($id) && !$send) {
if ($savedraft) {
$_SESSION['action_result'] = s('Campaign saved as draft');
Header('Location: ./?page=messages&tab=draft');
exit;
function saveUserAttribute($userid, $attid, $data)
{
global $usertable_prefix, $tables;
# workaround for integration webbler/phplist
if (!isset($usertable_prefix)) {
$usertable_prefix = '';
}
if (!empty($tables["attribute"])) {
$att_table = $tables["attribute"];
$user_att_table = $tables["user_attribute"];
} else {
$att_table = $usertable_prefix . "attribute";
$user_att_table = $usertable_prefix . "user_attribute";
}
if ($data["nodbsave"]) {
dbg("Not saving {$attid}");
return;
}
if (strtolower($data) == 'invalid attribute index') {
return;
}
if ($attid == "emailcheck" || $attid == "passwordcheck") {
dbg("Not saving {$attid}");
return;
}
if (!$data["type"]) {
$data["type"] = "textline";
}
if ($data["type"] == "static" || $data["type"] == "password" || $data['type'] == 'htmlpref') {
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
if ($data["type"] == "password") {
Sql_Query(sprintf('update user set passwordchanged = now() where id = %d', $userid));
}
return 1;
}
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where id = %d', $att_table, $attid));
if (!$attid_req[0]) {
$attid_req = Sql_Fetch_Row_Query(sprintf('
select id,type,tablename from %s where name = "%s"', $att_table, $data["name"]));
if (!$attid_req[0]) {
if ($GLOBALS["config"]["autocreate_attributes"]) {
Dbg("Creating new Attribute: " . $data["name"]);
sendError("creating new attribute " . $data["name"]);
$atttable = getNewAttributeTablename($data["name"]);
Sql_Query(sprintf('insert into %s (name,type,tablename) values("%s","%s","%s")', $att_table, $data["name"], $data["type"], $atttable));
$attid = Sql_Insert_Id();
} else {
dbg("Not creating new Attribute: " . $data["name"]);
# sendError("Not creating new attribute ".$data["name"]);
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
} else {
$attid = $attid_req[0];
$atttable = $attid_req[2];
}
if (!$atttable) {
$atttable = getNewAttributeTablename($data["name"]);
# fix attribute without tablename
Sql_Query(sprintf('update %s set tablename ="%s" where id = %d', $att_table, $atttable, $attid));
# sendError("Attribute without Tablename $attid");
}
switch ($data["type"]) {
case "static":
case "password":
Sql_Query(sprintf('update user set %s = "%s" where id = %d', $attid, $data["value"], $userid));
break;
case "select":
$curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s
where name = "%s"', $atttable, $data["displayvalue"]), 1);
if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")', $atttable, $data["displayvalue"]));
sendError("Added " . $data["displayvalue"] . " to {$atttable}");
$valid = Sql_Insert_id();
} else {
$valid = $curval[0];
}
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $valid));
break;
default:
Sql_Query(sprintf('replace into %s (userid,attributeid,value)
values(%d,%d,"%s")', $user_att_table, $userid, $attid, $data["value"]));
break;
}
return 1;
}
